Cloudwf 2062 - address discrepancies in vuln generation #22
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…advisories, added tests
…g oval manifest for new advisories, added comments, additional tests
… rpm parsing and efficient ordering of assessments for whether a given advisory is already processed
… and db lookups for already-processed, refactored manifest entry processing to iterate processing by document instead of all at once
…te to post-gather loop, fixed struct xml attribute ref
…red to database, updated tests
…lly excluding the first entry)
…or each namespace
…Name+FlagValue) - redhat package uses ovalv2, needs multiple flags to update multiple key/value processing status markers - updated existing vulnsrc impls to use the flag map
…or each namespace
…Name+FlagValue) - redhat package uses ovalv2, needs multiple flags to update multiple key/value processing status markers - updated existing vulnsrc impls to use the flag map
…pi provider in integration tests
…r out duplicate vuln data which appears across multiple oval docs), updated logging levels
…r out duplicate vuln data which appears across multiple oval docs), organized logging into logical groups, added tests
…a, removed unnecessary len() check from cpe name parsing
…com/johnbe11/clair into CLOUDWF-129_updateintegration_tests
|
@Allda - rebased and resolved conflicts |
|
@johnbe11 I still think you screwed up with a rebase. There are currently 90 commits in the PR and most of them are duplicated. Please clean up your commit history. |
Allda
reviewed
Jul 2, 2020
Allda
reviewed
Jul 2, 2020
…ny non-duplicate features of same-named vulnerabilities are merged rather than skipped, added tests
|
@Allda I still need to clean up the commit history, but otherwise this is ready for another review if you have time |
Allda
reviewed
Jul 20, 2020
| i := GetPendingVulnerabilitySliceIndex(vulnerabilities, vulnerability) | ||
| if i >= 0 { | ||
| // merge any new unique vuln features into the existing vuln | ||
| vulnerabilities[i] = MergeVulnerabilityFeature(vulnerability, vulnerabilities[i]) |
There was a problem hiding this comment.
CollectVulnsForAdvisory takes a single oval file and return vulnerabilities.. how this is going to work when the same combination of RHSA + CVE is also present in different oval file? Can you do a merging outside of CollectVulnsForAdvisory when all data are collected?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes related to https://projects.engineering.redhat.com/browse/CLOUDWF-2062 (Address discrepancies in OVAL data vs VMaaS)